1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
|
Sent TLS Record
Header:
Version = TLS 1.0 (0x301)
Content Type = Handshake (22)
Length = 256
ClientHello, Length=252
client_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x????????
random_bytes (len=28): ????????????????????????????????????????????????????????
session_id (len=0):
cipher_suites (len=2)
{0x13, 0x01} TLS_AES_128_GCM_SHA256
compression_methods (len=1)
No Compression (0x00)
extensions, length = 209
extension_type=UNKNOWN(57), length=49
0000 - 0c 00 0f 00 01 04 80 00-75 30 03 02 44 b0 0e ........u0..D..
000f - 01 02 04 04 80 0c 00 00-05 04 80 08 00 00 06 ...............
001e - 04 80 08 00 00 07 04 80-08 00 00 08 02 40 64 .............@d
002d - 09 02 40 64 ..@d
extension_type=ec_point_formats(11), length=4
uncompressed (0)
ansiX962_compressed_prime (1)
ansiX962_compressed_char2 (2)
extension_type=supported_groups(10), length=22
ecdh_x25519 (29)
secp256r1 (P-256) (23)
ecdh_x448 (30)
secp521r1 (P-521) (25)
secp384r1 (P-384) (24)
ffdhe2048 (256)
ffdhe3072 (257)
ffdhe4096 (258)
ffdhe6144 (259)
ffdhe8192 (260)
extension_type=session_ticket(35), length=0
extension_type=application_layer_protocol_negotiation(16), length=11
ossltest
extension_type=encrypt_then_mac(22), length=0
extension_type=extended_master_secret(23), length=0
extension_type=signature_algorithms(13), length=36
ecdsa_secp256r1_sha256 (0x0403)
ecdsa_secp384r1_sha384 (0x0503)
ecdsa_secp521r1_sha512 (0x0603)
ed25519 (0x0807)
ed448 (0x0808)
ecdsa_brainpoolP256r1_sha256 (0x081a)
ecdsa_brainpoolP384r1_sha384 (0x081b)
ecdsa_brainpoolP512r1_sha512 (0x081c)
rsa_pss_pss_sha256 (0x0809)
rsa_pss_pss_sha384 (0x080a)
rsa_pss_pss_sha512 (0x080b)
rsa_pss_rsae_sha256 (0x0804)
rsa_pss_rsae_sha384 (0x0805)
rsa_pss_rsae_sha512 (0x0806)
rsa_pkcs1_sha256 (0x0401)
rsa_pkcs1_sha384 (0x0501)
rsa_pkcs1_sha512 (0x0601)
extension_type=supported_versions(43), length=3
TLS 1.3 (772)
extension_type=psk_key_exchange_modes(45), length=2
psk_dhe_ke (1)
extension_type=key_share(51), length=38
NamedGroup: ecdh_x25519 (29)
key_exchange: (len=32): ????????????????????????????????????????????????????????????????
Sent Frame: Crypto
Offset: 0
Len: 256
Sent Frame: Padding
Sent Packet
Packet Type: Initial
Version: 0x00000001
Destination Conn Id: 0x????????????????
Source Conn Id: <zero length id>
Payload length: 1178
Token: <zero length token>
Packet Number: 0x00000000
Sent Datagram
Length: 1200
Received Datagram
Length: 1200
Received Packet
Packet Type: Initial
Version: 0x00000001
Destination Conn Id: <zero length id>
Source Conn Id: 0x????????????????
Payload length: 115
Token: <zero length token>
Packet Number: 0x00000000
Received Frame: Ack (without ECN)
Largest acked: 0
Ack delay (raw) 0
Ack range count: 0
First ack range: 0
Received Frame: Crypto
Offset: 0
Len: 90
Received TLS Record
Header:
Version = TLS 1.2 (0x303)
Content Type = Handshake (22)
Length = 90
Inner Content Type = Handshake (22)
ServerHello, Length=86
server_version=0x303 (TLS 1.2)
Random:
gmt_unix_time=0x????????
random_bytes (len=28): ????????????????????????????????????????????????????????
session_id (len=0):
cipher_suite {0x13, 0x01} TLS_AES_128_GCM_SHA256
compression_method: No Compression (0x00)
extensions, length = 46
extension_type=supported_versions(43), length=2
TLS 1.3 (772)
extension_type=key_share(51), length=36
NamedGroup: ecdh_x25519 (29)
key_exchange: (len=32): ????????????????????????????????????????????????????????????????
Received Packet
Packet Type: Handshake
Version: 0x00000001
Destination Conn Id: <zero length id>
Source Conn Id: 0x????????????????
Payload length: 1042
Packet Number: 0x00000000
Received Frame: Crypto
Offset: 0
Len: 1022
Received TLS Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 1022
Inner Content Type = Handshake (22)
EncryptedExtensions, Length=88
extensions, length = 86
extension_type=UNKNOWN(57), length=67
0000 - 0c 00 00 08 ?? ?? ?? ??-?? ?? ?? ?? 0f 08 ?? ....????????..?
000f - ?? ?? ?? ?? ?? ?? ?? 01-04 80 00 75 30 03 02 ???????....u0..
001e - 44 b0 0e 01 02 04 04 80-0c 00 00 05 04 80 08 D..............
002d - 00 00 06 04 80 08 00 00-07 04 80 08 00 00 08 ...............
003c - 02 40 64 09 02 40 64 .@d..@d
extension_type=application_layer_protocol_negotiation(16), length=11
ossltest
Certificate, Length=818
context (len=0):
certificate_list, length=814
ASN.1Cert, length=809
------details-----
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 2 (0x2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = Root CA
Validity
Not Before: Jan 14 22:29:46 2016 GMT
Not After : Jan 15 22:29:46 2116 GMT
Subject: CN = server.example
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:d5:5d:60:6a:df:fc:61:ee:48:aa:8c:11:48:43:
a5:6d:b6:52:5d:aa:98:49:b1:61:92:35:b1:fc:3a:
04:25:0c:6d:79:ff:b4:d5:c9:e9:5c:1c:3b:e0:ab:
b3:b8:7d:a3:de:6d:bd:e0:dd:d7:5a:bf:14:47:11:
42:5e:a6:82:d0:61:c1:7f:dd:13:46:e6:09:85:07:
0e:f2:d4:fc:1a:64:d2:0a:ad:20:ab:20:6b:96:f0:
ad:cc:c4:19:53:55:dc:01:1d:a4:b3:ef:8a:b4:49:
53:5d:8a:05:1c:f1:dc:e1:44:bf:c5:d7:e2:77:19:
57:5c:97:0b:75:ee:88:43:71:0f:ca:6c:c1:b4:b2:
50:a7:77:46:6c:58:0f:11:bf:f1:76:24:5a:ae:39:
42:b7:51:67:29:e1:d0:55:30:6f:17:e4:91:ea:ad:
f8:28:c2:43:6f:a2:64:a9:fb:9d:98:92:62:48:3e:
eb:0d:4f:82:4a:8a:ff:3f:72:ee:96:b5:ae:a1:c1:
98:ba:ef:7d:90:75:6d:ff:5a:52:9e:ab:f5:c0:7e:
d0:87:43:db:85:07:07:0f:7d:38:7a:fd:d1:d3:ee:
65:1d:d3:ea:39:6a:87:37:ee:4a:d3:e0:0d:6e:f5:
70:ac:c2:bd:f1:6e:f3:92:95:5e:a9:f0:a1:65:95:
93:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:E7:84:BF:E8:59:27:33:10:B0:52:4F:51:52:2F:06:D6:C0:7A:CD
X509v3 Authority Key Identifier:
70:7F:2E:AE:83:68:59:98:04:23:2A:CD:EB:3E:17:CD:24:DD:01:49
X509v3 Basic Constraints:
CA:FALSE
X509v3 Extended Key Usage:
TLS Web Server Authentication
X509v3 Subject Alternative Name:
DNS:server.example
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
7b:d3:04:43:75:8a:0f:11:ae:c4:fb:d7:a1:a2:9e:fe:20:18:
d5:f4:2f:31:88:46:b6:75:8c:ee:e5:9b:97:a6:b9:a3:cd:60:
9a:46:c3:48:97:e5:97:68:f7:5a:86:35:73:d9:69:9e:f9:5f:
74:b9:e6:94:13:01:cb:6a:dc:e3:c4:04:e9:65:da:9c:a4:8b:
28:f3:f9:9a:7f:bf:97:1f:45:92:e5:05:b1:56:e6:0b:f6:47:
de:1e:89:b6:2b:e1:4d:df:4a:7e:01:d3:23:dc:97:8c:47:fe:
5f:c7:cc:98:46:0e:c4:83:5b:ca:8a:f1:52:09:be:6b:ec:3f:
09:8b:d0:93:02:bf:e1:51:e7:d1:7e:34:56:19:74:d0:ff:28:
25:de:b7:9f:56:52:91:7d:20:29:85:0a:80:44:5f:71:32:25:
71:0f:c2:16:e2:5f:6b:1d:3f:32:5b:0a:3c:74:1c:b9:62:f1:
ed:07:50:a3:6d:b4:b4:31:0a:c0:53:44:6a:3a:88:84:8b:2d:
a9:b0:37:8e:e6:18:36:bd:9a:20:40:0f:01:92:8b:3d:aa:61:
e7:ae:2c:ed:36:cd:3a:07:86:74:3a:29:b3:d7:3a:b4:00:a9:
c2:f5:92:78:0e:e2:0f:a3:fe:bb:be:e0:06:53:84:59:1d:90:
69:e5:b6:f9
-----BEGIN CERTIFICATE-----
MIIDJTCCAg2gAwIBAgIBAjANBgkqhkiG9w0BAQsFADASMRAwDgYDVQQDDAdSb290
IENBMCAXDTE2MDExNDIyMjk0NloYDzIxMTYwMTE1MjIyOTQ2WjAZMRcwFQYDVQQD
DA5zZXJ2ZXIuZXhhbXBsZTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB
ANVdYGrf/GHuSKqMEUhDpW22Ul2qmEmxYZI1sfw6BCUMbXn/tNXJ6VwcO+Crs7h9
o95tveDd11q/FEcRQl6mgtBhwX/dE0bmCYUHDvLU/Bpk0gqtIKsga5bwrczEGVNV
3AEdpLPvirRJU12KBRzx3OFEv8XX4ncZV1yXC3XuiENxD8pswbSyUKd3RmxYDxG/
8XYkWq45QrdRZynh0FUwbxfkkeqt+CjCQ2+iZKn7nZiSYkg+6w1PgkqK/z9y7pa1
rqHBmLrvfZB1bf9aUp6r9cB+0IdD24UHBw99OHr90dPuZR3T6jlqhzfuStPgDW71
cKzCvfFu85KVXqnwoWWVk40CAwEAAaN9MHswHQYDVR0OBBYEFMDnhL/oWSczELBS
T1FSLwbWwHrNMB8GA1UdIwQYMBaAFHB/Lq6DaFmYBCMqzes+F80k3QFJMAkGA1Ud
EwQCMAAwEwYDVR0lBAwwCgYIKwYBBQUHAwEwGQYDVR0RBBIwEIIOc2VydmVyLmV4
YW1wbGUwDQYJKoZIhvcNAQELBQADggEBAHvTBEN1ig8RrsT716Ginv4gGNX0LzGI
RrZ1jO7lm5emuaPNYJpGw0iX5Zdo91qGNXPZaZ75X3S55pQTActq3OPEBOll2pyk
iyjz+Zp/v5cfRZLlBbFW5gv2R94eibYr4U3fSn4B0yPcl4xH/l/HzJhGDsSDW8qK
8VIJvmvsPwmL0JMCv+FR59F+NFYZdND/KCXet59WUpF9ICmFCoBEX3EyJXEPwhbi
X2sdPzJbCjx0HLli8e0HUKNttLQxCsBTRGo6iISLLamwN47mGDa9miBADwGSiz2q
YeeuLO02zToHhnQ6KbPXOrQAqcL1kngO4g+j/ru+4AZThFkdkGnltvk=
-----END CERTIFICATE-----
------------------
No extensions
Sent Frame: Ack (without ECN)
Largest acked: 0
Ack delay (raw) 0
Ack range count: 0
First ack range: 0
Sent Frame: Padding
Sent Packet
Packet Type: Initial
Version: 0x00000001
Destination Conn Id: 0x????????????????
Source Conn Id: <zero length id>
Payload length: 1178
Token: <zero length token>
Packet Number: 0x00000001
Sent Datagram
Length: 1200
Received Datagram
Length: 234
Received Packet
Packet Type: Handshake
Version: 0x00000001
Destination Conn Id: <zero length id>
Source Conn Id: 0x????????????????
Payload length: 213
Packet Number: 0x00000001
Received Frame: Crypto
Offset: 1022
Len: 192
Received TLS Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 192
Inner Content Type = Handshake (22)
CertificateVerify, Length=260
Signature Algorithm: rsa_pss_rsae_sha256 (0x0804)
Signature (len=256): ????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
Finished, Length=32
verify_data (len=32): ????????????????????????????????????????????????????????????????
Sent TLS Record
Header:
Version = TLS 1.2 (0x303)
Content Type = ApplicationData (23)
Length = 36
Inner Content Type = Handshake (22)
Finished, Length=32
verify_data (len=32): ????????????????????????????????????????????????????????????????
Sent Frame: Ack (without ECN)
Largest acked: 1
Ack delay (raw) 0
Ack range count: 0
First ack range: 1
Sent Frame: Crypto
Offset: 0
Len: 36
Sent Packet
Packet Type: Handshake
Version: 0x00000001
Destination Conn Id: 0x????????????????
Source Conn Id: <zero length id>
Payload length: 60
Packet Number: 0x00000000
Sent Datagram
Length: 81
|